Referrer SPAM? What the heck is referrer SPAM? I know, I know, just what we need, a new flavor of SPAM! Here’s the tale of how we figured it all out…

For the last several months, Marilyn and I have been monitoring a growing situation in the site logs of the clients on maintenance. At first one site’s logs showed several Russian sites in their referrer logs and the next month there were a few more… more hits, more sites. We took notice, but didn’t act because the domain names were business in nature and I had recently done a search engine submission and there are legitimate Russian search engines out there. It wasn’t until non-business (I’m sure you know what I mean!) domain names started showing that we began to get concerned. My first thought was that these sites were attempting to find vulnerabilities in the code of the website to hack in and load the site with hidden links, hidden pages, or viruses. Luckily the client site in question contained little programming with the capability of being hacked so we had time to investigate.

In the meantime, Russian sites started showing up on our own referrer site logs. Now we’ve got to figure out what is happening because whatever it is, it’s spreading and our sites do contain programming and software that can be hacked. Of course we checked our “stuff” and made sure everything was up to date so any security holes would be patched, but still we were worried.

We discussed blocking the Russian sites, but there were many of them so either it was going to be a huge project requiring constant monitoring and updating or we would have to block all Russian sites which would prevent legitimate traffic. We decided against this route because if the sites visiting are up to no good, they aren’t going to behave and listen to our ‘do not enter’ rules anyway.

Marilyn did some research and viola, the cause was found… referrer SPAM! Here’s what she had to say…

Apparently these are what’s considered referrer spam. Sigh… Like we needed more! Anyway, it’s done so that people who publish their stats (or I guess don’t make them private in any way) end up publishing their URLs, which will get people to click them and therefore end up higher up in the search engine rankings because they’re linked from all over the web.

There’s also the scam where this guy would click on people’s pay-per-click (PPC) ads causing them tons of charges for the clicks – since he was using regular sounding names and not clicking quite enough to arouse suspicion it took a while before he got caught.

Marilyn recommends the following links if you want to research this further on your own. I’ve included Marilyn’s comments too!

Blogger Help Forum Thread: Why am I being flooded with “referring sites and URLS” from Russia to one particular post, according to Stats? – support forum, basically people asking the same thing we did, about whether these domains are somehow hurting us or should be blocked, etc. [2]

With the cause found, we relaxed. The Russian sites weren’t trying to hack us or our clients and while their tactics aren’t anything I’d recommend or do, they aren’t causing any harm. None of our clients publish their stats or offer pay-per-click space on their sites. We have nothing to worry about and neither do our clients.